News: 0179032572


Boffins Build Automated Android Bug Hunting System

(Friday September 05, 2025 @11:30PM (BeauHD) from the search-and-destroy dept.)


Researchers from Nanjing University and the University of Sydney [1]developed an AI-powered bug-hunting agent that mimics human vulnerability discovery, validating flaws with proof-of-concept exploits. The Register reports:

> Ziyue Wang (Nanjing) and Liyi Zhou (Sydney) have expanded upon [2]prior work dubbed A1, an AI agent that can develop exploits for cryptocurrency smart contracts, with A2, an AI agent capable of vulnerability discovery and validation in Android apps. They describe A2 in [3]a preprint paper titled "Agentic Discovery and Validation of Android App Vulnerabilities."

>

> The authors claim that the A2 system achieves 78.3 percent coverage on the Ghera benchmark, surpassing static analyzers like APKHunt (30.0 percent). And they say that, when they used A2 on 169 production APKs, they found "104 true-positive zero-day vulnerabilities," 57 of which were self-validated via automatically generated proof-of-concept (PoC) exploits. One of these included a medium-severity flaw in an Android app with over 10 million installs.



[1] https://www.theregister.com/2025/09/04/boffins_build_automated_android_bug_hunting/

[2] https://arxiv.org/abs/2507.05558

[3] https://arxiv.org/pdf/2508.21579v1



Re: (Score:2)

by Valgrus Thunderaxe ( 8769977 )

It's what people in England call a scientist.

Re: (Score:2)

by newcastlejon ( 1483695 )

> It's what people in England call a scientist.

Only those of us who are over 80 and a few others who write for newspapers.

Re: (Score:2)

by arglebargle_xiv ( 2212710 )

> wtf is a boffin?

It's a small baked bun, typically dusted with sugar or similar, that you have with a cup of tea. In the US it'd probably be called a muffin even though it isn't really.

You're welcome.

just one? (Score:1)

by MrBrklyn ( 4775 )

> One of these included a medium-severity flaw in an Android app with over 10 million installs.

You are kidding me. Just one?

Re:What makes them Boffins? (Score:4, Informative)

by korgitser ( 1809018 )

Boffin is basically a British word for scientists and the like, that has taken a different meaning across the pond. But the Register is a British paper. Slashdot editors of course cannot be arsed to care.

Re: (Score:3)

by ChunderDownunder ( 709234 )

Hmmm, here in Australia 'boffin' is more or less a term of endearment.

A bunch of clever folks doing intellectual things, which journalists with no technical background assume is magic.

Even in an ironic sense here "Researchers found 100 vulnerabilities in common Android apps. Those Boffins, how dare they? They could be doing something useful with their time like building AI-powered nukular rockets for Dr Evil."

Re: (Score:2)

by korgitser ( 1809018 )

Pretty much the same, yes

Re: (Score:2)

by arglebargle_xiv ( 2212710 )

The headline is also wrong, it should read Boffins Build Tool for Flooding Devs with Even More AI Slop. Gee, I can't wait!

Used for Curl (Score:2, Interesting)

by Sigma 7 ( 266129 )

25 bug reports submitted. [1]https://gist.github.com/bagder... [github.com]

These include gems like:

* Vulnerability code changes are disclosed on the Internet

* Buffer overflow in Strcpy (which didn't get reproduced)

* Vulnerabilities that exist, but the code identified as the cause didn't appear in the codebase

* Local file accessed using file://

* And the latest: [2]Cookies leaking from 127.0.0.1 to 127.000.000.001 [hackerone.com]

[1] https://gist.github.com/bagder/07f7581f6e3d78ef37dfbfc81fd1d1cd

[2] https://hackerone.com/reports/3324901
